Re: [qmailtoaster] Stopping links like ransomware before delivery
Hi Dan, I agree but it is exceedingly difficult to get clients to follow such instructions. Having said that I am interested in adding a small sed script to simply modify the http:// link to httDELETETHISp:// in all links. This will effectively stop any page being called by any browser. It is also reasonably obvious that removing the DELTETHIS will allow the page to execute. Do you know where it would be best to insert the one line sed script? TIA best wishes Tony White On 28/01/2015 02:44, Dan McAllister wrote: Tony: There are options in simcontrol to disallow certain extensions in attachments (by default, they're .mp3, .src, .bat, and .pif) and by adding more (say, .exe?) you can block those attachments completely... however there is nothing you can do in the /server /(or in the message) that will tell (or force) the email client NOT to run an attachment. That is totally the purview of the client software. (THIS IS WHY I tell my users to NEVER use the preview pane!) In the words of Comedian Ron White: *You've all kinds of plastic surgery options that can fix all kinds of ugly... but you can't fix stupid.* By which I mean that you cannot possibly engineer enough safeguards to prevent users from doing stupid things. Afraid that's the best advise I've got on this one :) Dan McAllister IT4SOHO On 1/26/2015 10:46 PM, Tony White wrote: Hi folks, Has anyone any idea how to safely change links in emails to force them to not autorun? A client recently had an email that had a link to ransomware which encrypted not only the users local drive but the mapped drives as well. Luckily we had a backup from the prior night so not too big a loss. It would have been better to not have the link autorun in the first place. -- IT4SOHO, LLC 33 - 4th Street N, Suite 211 St. Petersburg, FL 33701-3806 CALL TOLL FREE: 877-IT4SOHO 877-484-7646 Phone 727-647-7646 Local 727-490-4394 Fax We have support plans for QMail!
Re: [qmailtoaster] Stopping links like ransomware before delivery
Tony: There are options in simcontrol to disallow certain extensions in attachments (by default, they're .mp3, .src, .bat, and .pif) and by adding more (say, .exe?) you can block those attachments completely... however there is nothing you can do in the /server /(or in the message) that will tell (or force) the email client NOT to run an attachment. That is totally the purview of the client software. (THIS IS WHY I tell my users to NEVER use the preview pane!) In the words of Comedian Ron White: *You've all kinds of plastic surgery options that can fix all kinds of ugly... but you can't fix stupid.* By which I mean that you cannot possibly engineer enough safeguards to prevent users from doing stupid things. Afraid that's the best advise I've got on this one :) Dan McAllister IT4SOHO On 1/26/2015 10:46 PM, Tony White wrote: Hi folks, Has anyone any idea how to safely change links in emails to force them to not autorun? A client recently had an email that had a link to ransomware which encrypted not only the users local drive but the mapped drives as well. Luckily we had a backup from the prior night so not too big a loss. It would have been better to not have the link autorun in the first place. -- IT4SOHO, LLC 33 - 4th Street N, Suite 211 St. Petersburg, FL 33701-3806 CALL TOLL FREE: 877-IT4SOHO 877-484-7646 Phone 727-647-7646 Local 727-490-4394 Fax We have support plans for QMail!
[qmailtoaster] Stopping links like ransomware before delivery
Hi folks, Has anyone any idea how to safely change links in emails to force them to not autorun? A client recently had an email that had a link to ransomware which encrypted not only the users local drive but the mapped drives as well. Luckily we had a backup from the prior night so not too big a loss. It would have been better to not have the link autorun in the first place. -- best wishes Tony White - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com